room

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly models a document-processing pipeline where raw files land in uploads/ and inbox/ and are parsed and then sent to an analyzer (see "uploads/" -> parser/ -> analyzer/ with prompt "Summarize and extract entities"), which means the agent will ingest and interpret arbitrary/untrusted user-provided third‑party content as part of its workflow.